In decentralized finance (DeFi) ecosystem, lenders can offer flash loans to borrowers, i.e., loans that are only valid within a blockchain transaction and must be repaid with some fees by the end of that transaction. Unlike normal loans, flash loans allow borrowers to borrow a large amount of assets without upfront collaterals deposits. Malicious adversaries can use flash loans to gather large amount of assets to launch costly exploitations targeting DeFi protocols. In this paper, we introduce a new framework for automated synthesis of adversarial contracts that exploit DeFi protocols using flash loans. To bypass the complexity of a DeFi protocol, we propose a new technique to approximate the DeFi protocol functional behaviors using numerical methods (polynomial linear regression and nearest-neighbor interpolation). We then construct an optimization query using the approximated functions of the DeFi protocol to find an adversarial attack constituted of a sequence of functions invocations with optimal parameters that gives the maximum profit. To improve the accuracy of the approximation, we propose a new counterexamples-driven approximation refinement technique. We implement our framework in a tool called FlashSyn. We evaluate FlashSyn on 12 DeFi protocols that were victims to flash loan attacks and DeFi protocols from Damn Vulnerable DeFi challenges. FlashSyn automatically synthesizes an adversarial attack for each one of them.
翻译:在分散化的金融(DeFi)生态系统中,放款人可以向借款人提供闪存贷款,也就是说,贷款只在链链交易中有效,并且必须在交易结束时以一定费用偿还。与正常贷款不同,闪存贷款允许借款人借大量资产而不先抵押存款。恶意对手可以利用闪存贷款收集大量资产,以针对DeFi协议启动代价高昂的开发开发。在本文中,我们引入了对以闪存贷款利用 DeFi 协议的对抗性合同自动合成的新框架。为了绕过 DeFi 协议的复杂性,我们建议采用新的技术,使用数字方法(极线性线性回归和近邻互换)来接近DeFi协议功能行为。然后我们利用DeFi协议的近似功能构建一个优化查询,以发现由具有最大利润的最佳参数的功能序列构成的对抗性攻击。为了提高近似性,我们提出了一个新的反抽样逼近技术。我们用一个名为FlashSyn的工具来实施我们的框架。我们用一种名为FlashSyn的工具对DeFialSimal协议来评估12号SimalSimal协议的每件Slavial协议。我们自动评估了一种易遭受到Dreal-Fial-FireFial式袭击的Simal协议。